<?php

require_once('modules/auth.php');

if (isUserLoggedIn()) {
	header("Location: main.php");
	exit();
}

require_once('modules/db/db.php');

if (isset($_POST["username"]) && isset($_POST["password"])) {

	$db = new Database();
	
	// Execute query
	$result = $db->executeQuery("SELECT * FROM user WHERE username=" . addslashes($_POST["username"]));

	if (count($result) == 1) {
	
		// If password is correct save session data and show main page
		if ($result[0]["password"] == $_POST["password"]) {
			
			@session_start();
			
			$_SESSION['logged_in'] = $_POST["username"];
			
			header('Location: main.php');
		}
	}
	else {
		echo "Wrong password!";
	}
}
else {
?>
<!DOCTYPE html>
<html>
<head>
	<title>Log in</title>
	<link rel="stylesheet" type="text/css" href="style/style.css" />
</head>
<body>
	<form action="" method="post" class="round10">
		<div id="loginText"><h1>Login forma</h1></div>	
		<input type="text" placeholder="Username" name="username" id="username" class="round3" /> <br/>	
		<input type="password" placeholder="Password" name="password"  id="password" class="round3" /><br/>
		<input type="submit" value="Uloguj se" id="loginButton" class="round30">
	</form>
</body>
</html>
<?php
}
?>